Building a C# Authentication System with .NET - Part 1

More and more websites and apps ask for your phone number and, in many cases, are using it for two-factor authentication. (Read more about 2FA here.)
ht
In this tutorial, you will learn how to build your own C# two factor authentication system in about 30 minutes, using a classic SMS verification system, using .NET for the backend. In Part 2, we will implement it in one of our clients.

This class will contain all OTP requests. In this tutorial, we are only going to store them in memory, but in production, you would probably have them in a memcache or database connected with your user.

Create a new Empty WebAPI controller called OTP and add the below code:

Generating a random code

In this scenario, since it doesn’t really matter that it's totally random and I don’t care about threads, I am just going to use a static random. (If you are interested in using a safer thread-safe random in .NET, here is an example.)